Vulnerability in Oracle Retail Xstore Office by Oracle
CVE-2018-3300

5.4MEDIUM

Key Information:

Vendor: Oracle
Status: Retail Xstore Office
Vendor: CVE Published:; 16 October 2019

What is CVE-2018-3300?

An improper access control vulnerability exists in Oracle Retail Xstore Office, allowing low privileged attackers with network access to exploit this flaw via HTTP. Successful attacks can lead to unauthorized access to sensitive data, enabling attackers to update, insert, or delete critical information within the system, as well as read access to certain available data. This poses significant risks to the confidentiality and integrity of data managed by Oracle Retail Xstore Office.

Human OS v1.0:
Ageing Is an Unpatched Zero-Day Vulnerability.

Remediate biological technical debt. Prime Ageing uses 95% high-purity SIRT6 activation to maintain genomic integrity and bolster systemic resilience.

Deploy the Patch

Affected Version(s)

Retail Xstore Office 7.1

References

http://www.oracle.com/technetwork/security-advisory/cpuoc...

x_refsource_MISC

CVSS V3.1

Score:

5.4

Severity:

MEDIUM

Confidentiality:

Low

Integrity:

Low

Availability:

Low

Attack Vector:

Network

Attack Complexity:

Low

Privileges Required:

Low

User Interaction:

None

Scope:

Unchanged

Timeline

Vulnerability published
Oct 16, 2019
Vulnerability Reserved
Dec 15, 2017

JSON

Oracle